Metadata-Version: 2.1
Name: pyDANETLSA
Version: 0.1.0
Summary: Python library to generate a TLSA record format based on the active certificate on a host.
Home-page: https://github.com/okoeroo/pyDANETLSA
Author: Oscar Koeroo
Author-email: okoeroo@gmail.com
License: UNKNOWN
Project-URL: Bug Tracker, https://github.com/okoeroo/pyDANETLSA/issues
Description: Author: Oscar Koeroo
        
        
        # pyDANETLSA
        Generate a TLSA record for DANE. The record is produced either by probing the resource and using a StartTLS or plain TLS handshake to extract the certificate and its public key, then formatting the result as a TLSA 3 1 1 record, or by reading an X.509 certificate from a file in PEM or DER format.
        
        ## Class: danetlsa
        ### Initializer / \_\_init\_\_():
        Start a new instance of pyDANETLSA and initialize it with the following named attributes:
        
        * fqdn: Fully Qualified Domain Name of the host, e.g. smtp.koeroo.net. The domain and host parts are extracted from this value. However, the algorithm expects a zone of two components, the TLD and the zone name. If the zone has either three components or one (for gTLDs), the calculation breaks. Use the ***domain*** attribute to force the calculation to be relative to the provided domain instead of guessing the zone structure.
        * port: The TCP or UDP port number for which the DANE TLSA record is to be generated.
        * tlsa\_protocol: Select the output TLSA protocol. Options are limited to 'tcp', 'udp' and 'sctp'. Default is 'tcp'.
        * probe\_protocol: Selects the probe method/read method. Choices are fixed to:
        
           * ***DANETLSA_IMAP***: Probes IMAP with StartTLS on the provided port.
           * ***DANETLSA_POP3***: Probes POP3 with StartTLS on the provided port.
           * ***DANETLSA_SMTP***: Probes SMTP with StartTLS on the provided port.
           * ***DANETLSA_TLS***: Probes with plain TLS on the provided port.
           * ***DANETLSA_PEM***: Reads a certificate from the ***certfile*** property. The file must be in PEM format.
           * ***DANETLSA_DER***: Reads a certificate from the ***certfile*** property. The file must be in DER format.
        
        * certfile: File path to a PEM or DER certificate to read. Optional for the network probe ***protocol*** selections. The file must exist and must be a file (or a symlink to a file).
        
        ### connect()
        See ***engage()***
        
        ### engage()
        This triggers either the reading of the file or the network connection for the selected ***protocol*** to extract the certificate, transforms the certificate into the right internal formats and generates the information required for a DANE TLSA record. This information can then be retrieved with the other methods.
        
        ### subject_dn()
        Returns the Subject DN in classic OpenSSL subject format.
        ```
        /C=NL/ST=Zuid-Holland/L='s-Gravenhage/O=Rijksoverheid/CN=ncsc.nl
        ```
        
        ### process_pubkey_hex()
        Internal function to process the public key hex value from the fetched certificate.
        Returns the hex value.
        ```
        78a80c6362af724f11433375890632cc099cd55a985c6e4a4a8ad741fe032f35
        ```
        
        ### pubkey_hex()
        Returns the hex value of the public key.
        ```
        78a80c6362af724f11433375890632cc099cd55a985c6e4a4a8ad741fe032f35
        ```
        
        ### tlsa_rdata_3_1_1()
        Returns the ***3 1 1*** format value.
        ```
        3 1 1 78a80c6362af724f11433375890632cc099cd55a985c6e4a4a8ad741fe032f35
        ```
        
        ### tlsa_rr_name_host()
        Returns the resource record name for TLSA appropriate for the service.
        ```
        _25._tcp.smtp
        ```
        
        ### tlsa_rr_name_fqdn()
        Returns the resource record name as full FQDN value for TLSA appropriate for the service.
        ```
        _25._tcp.smtp.koeroo.net.
        ```
        
        ### tlsa_rr()
        Returns the full resource record, which looks a lot like a zone file.
        ```
        _25._tcp.smtp IN TLSA 3 1 1 78a80c6362af724f11433375890632cc099cd55a985c6e4a4a8ad741fe032f35
        ```
        
        ### tlsa_rr_fqdn()
        Returns the full resource record, which looks a lot like a zone file; the host is now an absolute name.
        ```
        _465._tcp.smtp.koeroo.net. IN TLSA 3 1 1 78a80c6362af724f11433375890632cc099cd55a985c6e4a4a8ad741fe032f35
        ```
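        
        The derivation behind the values above, as an added example that is not pyDANETLSA's own code: a TLSA 3 1 1 value is the SHA-256 digest of the certificate's DER SubjectPublicKeyInfo, and the owner name is `_port._protocol` prefixed to the host. The function names, the two-label zone guess (modelled on the fqdn/domain note above) and the constructed sample certificate are assumptions of this example.
        
        ```python
        import hashlib
        
        def _tlv(buf, off):
            """Parse one DER TLV at off; return (tag, content_start, content_end)."""
            tag, length = buf[off], buf[off + 1]
            off += 2
            if length & 0x80:  # long form: low 7 bits give the number of length bytes
                n = length & 0x7F
                length, off = int.from_bytes(buf[off:off + n], "big"), off + n
            if off + length > len(buf):
                raise ValueError("truncated DER")
            return tag, off, off + length
        
        def spki_der(cert):
            """Slice the DER SubjectPublicKeyInfo out of a DER X.509 certificate."""
            _, off, _ = _tlv(cert, 0)      # Certificate SEQUENCE
            _, off, _ = _tlv(cert, off)    # tbsCertificate SEQUENCE
            tag, _, end = _tlv(cert, off)
            if tag == 0xA0:                # optional explicit [0] version
                off = end
            for _field in range(5):        # serial, signature alg, issuer, validity, subject
                _, _, off = _tlv(cert, off)
            _, _, end = _tlv(cert, off)    # subjectPublicKeyInfo; slice keeps its header
            return cert[off:end]
        
        def tlsa_3_1_1(cert):
            """Usage 3 (DANE-EE), selector 1 (SPKI), matching type 1 (SHA-256)."""
            return "3 1 1 " + hashlib.sha256(spki_der(cert)).hexdigest()
        
        def owner_names(fqdn, port, proto="tcp", domain=None):
            """Return (zone-relative, absolute) owner names; domain overrides the guess."""
            labels = fqdn.rstrip(".").split(".")
            # Assumption: without domain, guess that the zone is the last two labels.
            zone = domain.rstrip(".").split(".") if domain else labels[-2:]
            if labels[-len(zone):] != zone:
                raise ValueError("fqdn is not inside domain")
            prefix = "_%d._%s" % (port, proto)
            host = ".".join(labels[:-len(zone)])
            relative = prefix + "." + host if host else prefix
            return relative, prefix + "." + ".".join(labels) + "."
        
        # Constructed certificate skeleton: empty names and validity, all-zero Ed25519 key.
        SAMPLE_SPKI = bytes.fromhex("302a300506032b6570032100") + bytes(32)
        SAMPLE_CERT = (bytes.fromhex("304e3041a003020102020101300506032b6570300030003000")
                       + SAMPLE_SPKI + bytes.fromhex("300506032b657003020000"))
        
        if __name__ == "__main__":
            print(owner_names("smtp.koeroo.net.", 25)[0], "IN TLSA", tlsa_3_1_1(SAMPLE_CERT))
        ```
        
        For a host such as mail.example.co.uk the two-label guess yields `_25._tcp.mail.example`, while passing `domain='example.co.uk'` yields `_25._tcp.mail`.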
        
        
        ## Example:
        ```python
        #!/usr/bin/env python3
        
        import pyDANETLSA
        
        print("Protocol support list:", pyDANETLSA.DANETLS_protocols)
        
        d = pyDANETLSA.danetlsa(fqdn='smtp.koeroo.net.', port=25, protocol=pyDANETLSA.DANETLSA_SMTP)
        d.engage()
        print("TLSA RR with FQDN", d.tlsa_rr_fqdn())
        ```
        
        
Platform: UNKNOWN
Classifier: Programming Language :: Python :: 3
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Requires-Python: >=3.4
Description-Content-Type: text/markdown
